When trying to execute any action for a WAB/plugin portlet, the CSRF token check always fails. Non-wab OSGi modules work ok.
- Microblogs, Knowledge Base (plugins).
- Polls, Wiki (WAB modules).
To reproduce (using polls as an example):
- Go to Admin > Content > Polls
- Click on "Add" and insert valid data into the form
Expected: A new poll is correctly created
Actual: The action has no effect, and the following message is shown in the logs: [SecurityPortletContainerWrapper:336] User 20195 is not allowed to access URL http://localhost:8080/group/control_panel/manage and portlet 25_WAR_pollsweb